The "Security Considerations" section of "HTTP/1.1, part 1" does not
mention DNS rebinding attacks. The normative language in the section
on "DNS spoofing" seems to require vulnerability to DNS rebinding
attacks:
"""
If HTTP clients cache the results of host name lookups in order to
achieve a performance improvement, they MUST observe the TTL
information reported by DNS
"""
--Tyler
--
"Waterken News: Capability security on the Web"
http://waterken.sourceforge.net/recent.html